Enrich authprofile alerts

[kkleemola]

It would helpful if authprofile alerts contained information necessary to correlate with the originating event especially in the case of cloudtrail. Cloudtrail event id and event time would be particularly useful. These don't necessarily need to be added to the slack output but should be in the alert db.